vpn: strip pptp redir mode, it's two fw rules

4df4702d · Franco Fichtner · 9bf6c144 · 4df4702d · 4df4702d · 4df4702d
Commit 4df4702d authored Apr 10, 2016 by Franco Fichtner
Showing with 8 additions and 56 deletions

filter.inc src/etc/inc/filter.inc +3 -16

vpn.inc src/etc/inc/plugins.inc.d/vpn.inc +1 -9

vpn_l2tp.php src/www/vpn_l2tp.php +2 -2

vpn_pptp.php src/www/vpn_pptp.php +2 -29

No files found.
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -959,7 +959,7 @@ function filter_generate_optcfg_array()
        $FilterIflist[$if] = $oic;
    }
-    if ($config['pptpd']['mode'] == "server" || $config['pptpd']['mode'] == "redir") {
+    if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == 'server') {
        $oic = array();
        $oic['if'] = 'pptp';
        $oic['descr'] = 'pptp';
@@ -974,7 +974,7 @@ function filter_generate_optcfg_array()
        }
        $FilterIflist['pptp'] = $oic;
    }
-    if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == "server") {
+    if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == 'server') {
        $oic = array();
        $oic['if'] = 'l2tp';
        $oic['descr'] = 'L2TP';
@@ -2113,16 +2113,6 @@ function filter_nat_rules_generate(&$FilterIflist)
    fclose($inetd_fd);
-    if (isset($config['pptpd']['mode']) && ($config['pptpd']['mode'] != "off")) {
-        if ($config['pptpd']['mode'] == "redir") {
-            $pptpdtarget = $config['pptpd']['redir'];
-            $natrules .= "# PPTP\n";
-            $natrules .= "rdr on \${$FilterIflist['wan']['descr']} proto gre from any to any -> {$pptpdtarget}\n";
-            $natrules .= "rdr on \${$FilterIflist['wan']['descr']} proto tcp from any to any port 1723 -> {$pptpdtarget}\n";
-        }
-    }
    $natrules .= "\n# UPnP\n";
    $natrules .= "rdr-anchor \"miniupnpd\"\n";
@@ -3193,12 +3183,9 @@ EOD;
        unset($alports);
    }
-    /* PPTPd enabled? */
+    if ($pptpdcfg['mode'] && $pptpdcfg['mode'] == 'server' && !isset($config['system']['disablevpnrules'])) {
-    if ($pptpdcfg['mode'] && ($pptpdcfg['mode'] != "off") && !isset($config['system']['disablevpnrules'])) {
        if ($pptpdcfg['mode'] == "server") {
            $pptpdtarget = get_interface_ip();
-        } else {
-            $pptpdtarget = $pptpdcfg['redir'];
        }
        if (is_ipaddr($pptpdtarget) and is_array($FilterIflist['wan'])) {
            $ipfrules .= <<<EOD

--- a/src/etc/inc/plugins.inc.d/vpn.inc
+++ b/src/etc/inc/plugins.inc.d/vpn.inc
@@ -138,7 +138,7 @@ function vpn_pptpd_configure()
    killbypid('/var/run/pptp-vpn.pid', 'TERM', true);
    mwexec('rm -rf /var/etc/pptp-vpn');
-    if (!isset($pptpdcfg['mode']) || ($pptpdcfg['mode'] != 'server' && $pptpdcfg['mode'] != 'redir')) {
+    if (!isset($pptpdcfg['mode']) || $pptpdcfg['mode'] != 'server') {
        return 0;
    }
@@ -146,11 +146,6 @@ function vpn_pptpd_configure()
        echo gettext("Configuring PPTP VPN service...");
    }
-    if (empty($pptpdcfg['n_pptp_units'])) {
-        log_error("Something wrong in the PPTPd configuration. Preventing starting the daemon because issues would arise.");
-        return;
-    }
    switch ($pptpdcfg['mode']) {
        case 'server':
            mkdir('/var/etc/pptp-vpn');
@@ -297,9 +292,6 @@ EOD;
            mwexec('/usr/local/sbin/mpd5 -b -d /var/etc/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps');
            break;
-        case 'redir':
-            break;
    }
    if (file_exists('/var/run/booting')) {

--- a/src/www/vpn_l2tp.php
+++ b/src/www/vpn_l2tp.php
@@ -190,9 +190,9 @@ include("head.inc");
                  <tr>
                    <td></td>
                    <td>
-                      <input name="mode" type="radio" value="off" <?=($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir") ? "checked=\"checked\"" : "";?>/>
+                      <input name="mode" type="radio" value="off" <?=($pconfig['mode'] != 'server') ? 'checked="checked"' : '';?>/>
                      <?=gettext("Off"); ?> <br/>
-                      <input type="radio" name="mode" value="server"  <?=$pconfig['mode'] == "server" ? "checked=\"checked\"" : "";?>/>
+                      <input type="radio" name="mode" value="server"  <?=$pconfig['mode'] == 'server' ? 'checked="checked"' : '';?>/>
                      <?=gettext("Enable L2TP server"); ?></td>
                    </td>
                  </tr>

--- a/src/www/vpn_pptp.php
+++ b/src/www/vpn_pptp.php
@@ -44,7 +44,6 @@ $pptpcfg = &$config['pptpd'];
 if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig['remoteip'] = $pptpcfg['remoteip'];
    $pconfig['localip'] = $pptpcfg['localip'];
-    $pconfig['redir'] = $pptpcfg['redir'];
    $pconfig['mode'] = $pptpcfg['mode'];
    $pconfig['wins'] = $pptpcfg['wins'];
    $pconfig['req128'] = isset($pptpcfg['req128']);
@@ -105,22 +104,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
                $input_errors[] = gettext("The specified server address lies in the remote subnet.");
            }
        }
-    } elseif ($_POST['mode'] == "redir") {
-        $reqdfields = explode(" ", "redir");
-        $reqdfieldsn = array(gettext("PPTP redirection target address"));
-        do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
-        if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
-            $input_errors[] = gettext("A valid target address must be specified.");
-        }
    } elseif (isset($config['pptpd']['mode'])) {
        unset($config['pptpd']['mode']);
    }
    if (!$input_errors) {
        $pptpcfg['remoteip'] = $_POST['remoteip'];
-        $pptpcfg['redir'] = $_POST['redir'];
        $pptpcfg['localip'] = $_POST['localip'];
        $pptpcfg['mode'] = $_POST['mode'];
        $pptpcfg['wins'] = $_POST['wins'];
@@ -231,25 +220,9 @@ include("head.inc");
                    <tr>
                      <td></td>
                      <td>
-                        <input name="mode" type="radio" value="off" <?=(($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) ? "checked=\"checked\"" : "";?>/>
+                        <input name="mode" type="radio" value="off" <?=($pconfig['mode'] != 'server') ? 'checked="checked"' : '';?>/>
                        <?=gettext("Off"); ?><br/>
-                        <input type="radio" name="mode" value="redir" <?=($pconfig['mode'] == "redir") ? "checked=\"checked\"" : "";?>/>
+                        <input type="radio" name="mode" value="server"  <?=($pconfig['mode'] == 'server') ? 'checked="checked"' : '';?>/>
-                        <?=gettext("Redirect incoming PPTP connections to");?>:
-                      </td>
-                    </tr>
-                    <tr>
-                      <td><a id="help_for_redir" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("PPTP redirection");?></td>
-                      <td>
-                        <input name="redir" type="text" id="redir" value="<?=$pconfig['redir'];?>" />
-                        <div class="hidden" for="help_for_redir">
-                          <?=gettext("Enter the IP address of a host which will accept incoming PPTP connections."); ?>
-                        </div>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td></td>
-                      <td>
-                        <input type="radio" name="mode" value="server"  <?=($pconfig['mode'] == "server") ? "checked=\"checked\"" : "";?>/>
                        <?=gettext("Enable PPTP server"); ?>
                      </td>
                    </tr>